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Art Unit: 2661 

DETAILED ACTION 
Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in 
this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

Claims 20-22 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Willis(6,389,453). 

With regards to claim 20 Willis teaches a method comprising: 
Transmitting IP packets(IP multicast packets) from a digital content server 
system(Fig. 10)15 . source network) through an extraterrestrial satellite(Fig. 
1@45) to a remote IP compatible network(Fig. 1@43 . 27, 35); receiving 
said IP packets at an integrated satellite receiver in communication with 
said remote IP compatible network(Fig. 1@43) and routing said packets 
from a routing processor mounted within said integrated satellite 
receiver(Fog 1@27 . layer 3 router) to a remote IP compatible receiving 
system in communication with said IP compatible network(Fig. 1@35); and 
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separately transmitting TCP/IP packets from said digital content server 
system trough Internet infrastructure to said remote IP compatible receiving 
system. (the system in Fig. 1 is capable of bi-directional communication 
over the internet between source and client. The protocol is TCP/IP) 

With regards to claim 21 , Willis teaches IP multicast packets being 
transmitted(col 1 lines 25-34). 

With regards to claim 22, routing IP multicast packet by a processor 
that included an IGMP compatible mode is inherently taught because Willis 
teaches transmitting IP multicast packets. IGMP is used by multicast 
routers, to locate and identify multicast group members, on their distinctly 
attached subnets. (IGMP is defined in RFCs 1 1 12 Appendix A and 1 122 
section 3.2.3). Hence it is a necessary feature in Willis. 

Any inquiry concerning this communication or earlier communications 
from the examiner should be directed to Kenneth N Vanderpuye whose 
telephone number is 703-308-7828. The examiner can normally be 
reached on M-F(7:30-5:00) Second Friday Off. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Doug Olms can be reached on 703-305-4703. The 
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Art Unit: 2661 

fax phone number for the organization where this application or proceeding 
is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained 
from the Patent Application Information Retrieval (PAIR) system. Status 
information for published applications may be obtained from either Private 
PAIR or Public PAIR. Status information for unpublished applications is 
available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on 
access to the Private PAIR system, contact the Electronic Business Center 
(EBC) at 866-21 7-91 97 (toll-free). 
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METHOD AND SYSTEM FOR ROUTING 
UNDIRECTIONAL MULTICAST DATA 

FIELD OF THE INVENTION 

The present invention relates generally to data 
communications, and more particularly to a system that 
provides for the unidirectional transmission of multicast data 
packets from a first network to a second network as well as 
bidirectional transmission of unicast data packets between 
the first and second networks. 

DESCRIPTION OF THE PRIOR ART 

In its simplest form, a network comprises two or more 
nodes that are interconnected such that data can be commu- 
nicated from one node of the network to any other node of 
the network. Networks can be connected to other networks 
by means of routers so that data can be passed from a node 
of a first network to one or more nodes of a second network. 
A network can also comprise a plurality of subnetworks 
interconnected by routers to make a larger network. 

In network protocols, such as TCP/IP, data is transmitted 
through the network in packets. An internet protocol (IP) 
packet comprises a header which contains, among other 
things, a destination address and a source address, and a data 
segment attached to the header. T here are at least three types 
of IP packets. A first type is a unicast packet in which tE e 
p acket is addressed from asingle source address to a singl e 
destination destination . Another type of IP pack et is a 
multicast packet that Is addressed from a single source" 
a <3idta5slo~a~group address that consists of a defined plurality 
of desti nation addresse s^jj gally. a third type of packet is a 
Broadcast packet tbat is broadcast from a single source 
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iddress to every destination in the network. 
\ Routers receive packets and forward the packets accord- 
ing to their source and destination addresses and the topol- 
ogy of the network. It is important that the same packet be 
delivered to its destination only once and that loops not be 
created in a network. A loop occurs when there are multiple 
paths between routers in a network and toe same packet is 
sent back and forth between two or more routers in an 
endless fashion. Loops are prevented by the use of reverse 
path forwarding checks. Each router knows the appropriate 
direction of travel of a packet from a particular source to a 
particular destination through the network. If a router 
receives a packet coming from the wrong direction, the 
router drops the packet without forwarding it. 

The interface between two separate networks is through 
boundary routers. All packets transmitted between the two 
networks go through the boundary routers. Thus, all packets 
addressed from a node in the first network to a node in the 
second network are routed to a boundary router of the first 
network. Similarly, all packets addressed from a node in the 
second network to a node in the first network are routed 
within the second network to a boundary router of the 
second network. Occasionally, it is desirable or necessary to 
have multiple communication links between two networks. 
For example, it may be necessary or desirable to transmit 
high bandwidth data, such as full motion video, from a first 
network to a second network, as well as normal internet data 
back and forth between the two networks. In such cases, the 
video data is typically transmitted over a unidirectional high 
bandwidth link such as a satellite link between the two 
networks. The normal internet traffic is transported over 
conventional internet links. 

A problem associated with transmitting data between the 
same two networks over separate links is that the separate 
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links typically enter the network through separate boundary 
routers. Thus, multicast packets from a source in the first 
network to a destination in the second network can travel 
through the second network in a direction opposite the 
direction unicast packets. A multicast packet traveling in 
what appears to be the wrong direction through the network 
will be eliminated by the reverse path forwarding checks 
performed by the routers. Thus, packets that enter the 
network through one of the boundary routers may not be 
able to be forwarded to all nodes of the network. 

SUMMARY OF THE INVENTION 

The present invention provides a method of and system 
for transmitting multicast packets unidirectionally from a 
transmitter of a source network to a receiver of a client 
network and unicast packets bidirectionally between the 
source network and the client network. In one of its aspects, 
the method of the present invention includes the steps of 
configuring a selected router of the client network to accept 
multicast packets from the receiver, establishing a virtual 
connection between the selected router of the client network 
and a selected router of the source network, and advertising 
in the client network that the virtual connection is the 
shortest path from the client network to the source network. 

According to the present invention, multicast packets are 
forwarded from a source in the source network to a selected 
router of the source network. The selected router of the 
source network forwards the multicast packets to a selected 
router of the client network over a unidirectional link. The 
selected router of the client network forwards the multicast 
packets to the client network. 

The client network forwards to the selected router of the 
client network all unicast packets addressed from a client of 
the client network to a source of the source network. The 
selected router of the client network encapsulates the unicast 
packets addressed from the client network to the source 
network and forwards the encapsulated unicast packets to 
the source network over a bidirectional link connecting the 
source and client networks. The selected router of the source 
network receives and decapsulates the encapsulated unicast 
packets. Then, the selected router of the source network 
forwards the decapsulated unicast packets to said source 
network. 

Similarly, the source network forwards to the selected 
router of the source network all unicast packets addressed 
from a source of the source network to a client of the client 
network. The selected router encapsulates the unicast pack- 
ets received from the source network and forwards those 
encapsulated unicast packets to the client network over the 
bidirectional link. The selected router of the client network 
receives and decapsulates the encapsulated unicast packets 
received over the bidirectional link. The selected router of 
the client network forwards decapsulated unicast packets to 
the client network. 

BRIEF DESCRIPTION OF THE DRAWINGS 

FIG. 1 is a block diagram of a system according to the 
present invention. 

FIG. 2 is block diagram illustrating an encapsulated 
packet according to the present invention. 

DESCRIPTION OF THE PREFERRED 
EMBODIMENT 

Referring now to the drawings, and first to FIG. 1, a 
source network is designated generally by the numeral 11 
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and a client network is designated generally by the numeral tunnel 47, such as a general route encapsulation tunnel, 

13. Source network 11 includes a source node 15 and a between router 25 and router 17 of source network 11, 

router 17. Client network is relatively complex and it advertising to client network 13 that tunnel 47 is the shortest 

comprises an intranet 19, which includes routers 21-27 and path from client network 13 to source network 17, and by 

client nodes 29-35. 5 configuring router 25, preferably with a static MROUTE 

Networks 11 and 13 are interconnected by the internet 37 entry, to accept multicast packets from receiver 43. 

and a satellite link, designated generally by the numeral 39. Tunnel 47 is established by encapsulating all unicast 

Satellite link 39 includes an uplink transmitter 41, which is packets transported between source network 11 and client 

part of source network 11 , and downlink receiver 43, which network 13 over internet 37. Referring to FIG. 2, an encap- 
is part of client network 13, and a satellite 45. Satellite link to sulated packet is designated by the numeral 49. Encapsu- 

3Q_pmvides a fri flh bandwidth unidirectional transmission lated packet 49 includes a header 51 and a data portion 53. 

patBToTnluTgca^racRgts betweennetworini and network Data portion 53 comprises a packet designated generally by 

ten the numeral 55. Packet 55 includes a header 57 and a data 

~~*nie internet 37 pro vides a relatively low bandwid th portion 59. Packet 55 is a standard unicast packet the header 

bidii^Iionai I xansmissiO D _p_ath, pref erably f or unicast 15 of which includes origination and destination node addresses 

packets, between source network U and client network 13. in networks 11 and 13. Header 51 of encapsulated packet 49 

Router 17 is configured to route multicast packets to includes the addresses of routers 17 and 25. 

uplink transmitter 41, a nd as will be explained in detai l Referring again to FIG. 1, according to the present 

hereinafter. to_enrapsulate andj oute unicast p ackets from invention, router 17 encapsulates unicast packets addressed 

s ource network 11 to client network 13"via the internet 37. 20 from source node 15 to a client node 29-35 of client network 

As is well known to those skilled in the art, the internet 13 in an encapsulated packet addressed from router 17 to 

37 comprises a large number of interconnected routers. router 25. Physically, the encapsulated packet is transported 

Thus, there are multiple paths through internet 37 between from* router 17 to router 25 by way of the internet 37, router 

router 17 of source network 11 and router 21 of client 21, and intranet 19. However, logically, the encapsulated 

network 13. However, unicast all internet traffic between packet is transported through the virtual connection of 

source network U and client network 13 is routed through tunnel 47. When the encapsulated packet arrives at router 25, 

routers 17 and 21. Thus, with respect to traffic through router 25 decapsulates the packet by stripping off the encap- 

interoet 37, routers 17 and 21 are physical boundary routers sulation header and then routes the decapsulated packet to 

for networks U and 13 respectively. All unicast packets ^ the appropriate client node. 

addressed from a node of network U to a node of network For unicast packets addressed from a client node 29-35 of 

13 are physically received at router 21 of network 13. network U to source node 15, by advertising that tunnel 47 

For purposes of illustrating the problem solved by the is the shortest route between network 13 and network 11, the 

present invention and ignoring the encapsulation feature of routers of network 13 forward the unicast packet to router 

the present invention, a unicast packet addressed from 35 25. For example, a packet addressed from client node 29 to 

source node 15 of network 11 to client node 35 of network source node 15 would be routed to router 25 by router 23 

13 would be received at router 21/ Router 21 wtfuld forward through intranet 19 rather than to router 21. When router 25 

the packet through internet 19 to router 25. Router 25 in turn receives the packet, router 25 encapsulates the packet into an 

would forward the packet to router 27, which would in turn encapsulated packet addressed from router 25 to router 17. 

forward the packet to node 35. 40 Physically, the encapsulated packet is forwarded to router 17 

Routers, 21-27 expect to see any multicast packet through intranet 19, router 21, and the internet 37. However, 

addressed from a node of network 11 to arrive according to logically, the encapsulated packet is forwarded to router 17 

the unicast routing topology, which in the example of FIG. of ^rce network 11 through tunnel 47. Router 17 decap- 

1 is from the physical direction of internet 37. According to sulates the packet and forwards the decapsulated packet to 

reverse path forwarding procedures, any such packet seen to 45 source noc * e 

arrive from any other physical direction will be dropped in Router 25 is configured to accept multicast packets from 

order to prevent loops. Multicast packets addressed from down link receiver 43. Thus, when a multicast packet arrives 

source node 15 of network 11 to a group address that at router 25 from receiver 43, router 25 forwards the packet 

includes client nodes 29-35 of network 13 will be transmit- appropriately. For example, router 25 would forward a 

ted over satellite link 39 to receiver 43. Receiver 43 is 50 multicast packet having a group destination address that 

physically coupled to router 25 and 27. Packets arriving includes client node 29 through intranet 19 to router 23. 

from receiver 43 at router 27 will be seen by router 27 to be From the foregoing, it may seen that by making router 25 

traveling in the proper direction. Accordingly, router 27 will the virtual boundary router of client network 13 for both 

forward multicast packets received at receiver 43 to client multicast and unicast packets, packets can be routed to all 

node 35. However, for purposes of illustration and ignoring 55 nodes of the network without violating reverse path for- 

the features of the present invention, multicast packets warding checks. All packets addressed to a node of client 

arriving at router 25 from receiver 43 will be seen as network 13 appear to enter network 13 at router 25. 

traveling in the wrong physical direction. Thus, those mul- Similarly, all packets addressed from a node of client 

ticast packets will fail the reverse path forwarding check at network 13 to a node of source network 11 are forwarded to 

router 25 and will not be forwarded to client nodes 29 and 60 router 25. Thus, the present invention overcomes the short- 

31. comings of the prior art. 

The present invention solves the problem illustrated by What is claimed is: 

the foregoing examples by making router 25 me virtual 1. A method of transmitting multicast packets unidirec- 

boundary router of client network 13 for both unicast tionally from a transmitter of a source network to a receiver 

packets received via the internet 37 and multicast packets 65 of a client network and unicast packets bidirectionally 

received via satellite link 39. Router 25 is made the virtual between said source network and said client network, which 

boundary router by establishing a virtual connection or comprises the steps of: 
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[57] ABSTRACT 

A verifier is provided for assessing unique characteristics 
exhibits by a user over a period of time. The unique 
characteristics are captured through various interactions 
with the user over time using a habit capture system which 
models the user's characteristics when he or she uses a 
keyboard, a mouse or a digitizer, among others. When the 
system is first used, the user is prompted to answer various 
questions, some of which inquire into personal information. 
As the user responds, information representative of the user 
is captured, including keyboard typing patterns, mouse click 
patterns, misspelling patterns, among others. Data captured 
by the habit capture system is provided to a verifier which 
samples the user's characteristics and compares the charac- 
teristics of the current user with that stored in a database. 

20 Claims, 9 Drawing Sheets 
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INTERNET BASED TRAINING Historically, teachers, professors and educators have for 

BACKGROUND OF THE INVENTION centuries informed and raised awareness of the populace 

1 Field of the Invention using printed publications such as books and libraries. 

" . . . , , , However, the inexorable march of technology has provided 

The invention relates to an apparatus and a method for , , ^ ^ nli to ^ computer . since the sixties, 
identity venficatton, and more paracularly, to an apparatus experimenUl ^^^^ training systems such « 

^l^lZ^^r^T y J2^° tdUnDB « ccuti -8 °° Control Data Corporation's 

one or more computer-based training sessions. . - . ° , _ . , r 

2. Description of the Related Art mainframes, have appeared. More recenUy computer*ased 

-n.j r.u_- . . . educational programs have become available to subscribers 

The dawn of the microprocessor age has ushered an era irt . rtt . 0# T.^JT.^ nr i*u , „. . A , 

. , . • j j- • ™ 10 and other students with access to a microcomputer and a 

with previously unimagmed dimensions. Through the , . . ~ . - 

enabling .ecology of St microprocessor, an indfSdual K£^X2fc^^ 

can leverage his or her creative power to perform a wide CT . . t . . , v , , * , 7~ 

. f . f . - . i . , , , supplement the more traditional teaching tools such as 

variety of lriformaUon-processinc tasks that previously had . , ¥I ... 6 - . 

. *'„ A tn - J ; . rl^v: ii T . books. However, the present solutions are not competitive 

to be assigned to enure departments. Additionally, the net- ^ „ * t • • \ , . . . . . ,. *^ 

, . . . v . J 9 , . 15 with television shows and interactive multimedia games, 

works that made the microprocessor ubiquitous around the r. ^ , . . & 

, , \_ , V 1 ^ Furthermore, due to security issues, present day computer 

world empower the user with a global broadcasting capa- 1. , . J i_ i • . 

e l * u t ■ i i l . . *■ - , aided instruction systems have been limited to non-credit 

bility. Such technological lever has shifted the traditional ,^ iw . tU »u . .* , r . «, 

y „ - * * a- . • . . , ^- classes to eliminate the thorny potentials for cheating. Thus. 

power structure from central offices to individuals located in . . . 7 *~ t . , t . ,uua » 

c a „• « .« . , M . , . . , the current solutions require the student to take tests at a 

far-flung offices around the world, allowing decisions to be _ , , # r n . t , , . . 

. . * « .7 20 cental testing facility to minimize incidents of cheating, 

made quicker and more accurately. A „. . & . I . . , . 

. Although a number of more enlightened universities such as 

The empowerment of the individual by the niicroproces- ^ Univcrsity ^ d lo ^ „ bonor ^ te ^ 

sor has provided a fundamental and pervasive impact on feilh m humanity fe stuj not the norm in most universities, 

civilizations. In the past, certain citizens could rely on brute ^ for universities, requiring students to appear at 

strength as a substitute for formal training or educaUon. ^ predetermined test locations is a necessary evil to ensure the 

However because a well trained workforce is vital to the ^iiy of the grade and the honors bestowed upon the 

growth of nations, the proper training of citizens has sig- studeQts ^ requiremcnt ^ unnecessary overhead costs 

nificant national implications, for mer who fad to tra^ f()r bolh the cducation mstit ution and the student, 

citizens in technological matters face significant disruptions Furthermore, the requirement reduces the productive time 

in their economies, possibly leading to extinction. M mat the studeol studying of ^ 

As reported in America's popular press, many improve- 
ments are needed to sustain the status of America as a world SUMMARY OF THE INVENTION 
power. In the U.S., higher education remains a labor- The present invention provides a verifier for assessing 
intensive service industry made up of fiercely independent unique characteristics exhibited by the user. The unique 
and mutually suspicious organizations, each of which jeal- 35 characteristics are captured through various interactions 
ously guards its expensive and underused facilities. Despite with the user over a period of time using a habit capture 
all the tax advantages and private and public subsidies system which models the user's characteristics when he or 
associated with higher education, annual tuition increases she uses a keyboard, a mouse or a digitizer, among others, 
have become a hallmark for America's colleges and univer- When the system is first used, the user is prompted to answer 
sities. Furthermore, tuitions are expected to consume ever 40 various questions, some of which inquire into personal 
larger fractions of family budgets, leave so many graduates information. As the user responds, information representa- 
laden with debt and compel more and more prospective tive of the user is captured, including keyboard typing 
students to select colleges on the basis of cost rather than patterns, mouse click patterns, misspelling patterns, among 
academic abilities or personal preferences. others. A database connected to the habit capture system 

Additionally, the U.S. educational system has to over- 45 stores the habits and personal characteristics of the user 

come a number of other forces that are unrelated to financial captured during the initial session. 

burdens. One such force negatively affecting the effective- Subsequently, data captured by the habit capture system is 
ness of the school system is the lack of qualified faculties or provided to a verifier which is in turn connected to the 
teachers for classrooms. The U.S. educational system also database. The verifier samples the user's characteristics and 
faces competition in the form of television shows and 50 compares the characteristics of the current user with that 
interactive multimedia games, most of which resort to stored in the database. In the event of a variance, the verifier 
graphical uses of violence and sex. Given such competition asserts an error signal. The error signal is provided to a lock 
for the students' mind-share, traditional teaching tools such system which ejects the user out of the application in the 
as books and lectures face significant hurdles. event that the verifier indicates a mismatch between the 
Yet another force that negatively impacts the effectiveness 55 database characteristics and the characteristics of the current 
of the educational system is the rigid structure built into our user. Alternatively, the error signal can silently generate a 
existing educational system. This rigid structure forces stu- warning to the educational institution while allowing the 
dents to commute to school, regardless of the relationship of student to continue the session in the event that the verifier 
the courses to high traffic time. Additionally, to compensate indicates a mismatch between the database characteristics 
for the lack of qualified teachers, the average class size has 60 and the characteristics of the current user, 
increased. Furthermore, the U.S. educational system rigidly In one embodiment of the present invention, a 
enforces group learning. This herd mentality is sub-optimal, multimedia-based training course is used in conjunction 
as me more intelligent members of the class are constrained with the verifier for insuring the integrity of the student 
to progress at the average class rate. Thus, the rigidity of our testing process. In this embodiment, a portion or the entire 
existing educational infrastructure causes a significant 65 course material is encrypted and placed onto a recordable 
amount of time to be wasted in doing things other than medium such as a compact disk read only memory (CD- 
learning. ROM) with sufficient storage to support video and multi- 



5,909,589 

3 4 

media graphics rivaling lhat of interactive video games. A capability, the Internet 50 grew into a super-network inter- 
menu system is provided to allow toe student to browse connecting computers at universities, government/military 
specific topics. Furthermore, the students can fast forward offices, and research centers around the world 
and reverse each chapter as necessary to ensure a complete The primary elements of the Internet 50 are host computer 
comprehension of the course matenal. Thus, by automating 5 systems that are linked by a backbone telecommunications 
the educational process, the present mvenUon minimizes the network. The network is similar to a special purpose tele- 
resource dram on educators as well as administrative assis- phone line that is always open and talking* bostcomputers. 
tants m administering the course. A system of advanced protocols tellsAese computers how 
In this embodiment, the profiler propounds a list of to locate and exchange data with one another, passing 
questions highly specific to the student during the first *<> information from computer to computer as the system 
session such only that student could be expected to answer seeking informauon reaches the system that houses the 
those questions correctly in the future. These queries include desired data. Packets of informauon are detoured around 
the telephone number and other personal information which nonoperative systems if necessary, until the information 
is very familiar to the student and to which a predictable finds its way to the proper destination 
teystroke pattern response can be expected. Additionally, * p^fe^ the computers communicate over the network 
while the student learns his or her matenal, the verifier runs using the same language or protocol called transmission 
silently in the background to collect the appropriate student protocol/Internet protocol (TCP/IP). Furthermore, 
characteristics. During the test periods, the present invention although some computer networks may not provide TCP/IP 
nwmtors the user s characteristics and compares the user's capability, they may still communicate with the Internet 50 
unique characterise with that stored in a database. lu the 20 through one or more gateways that can actually be a host that 
event of a mismatch, the present invention either cancels the passes attain types of data such as e-mail between net- 
test-taking session and/or generates a warning to the edu- Additionally, although not shown, the present inven- 
caUon^u^bmUon.^teraativeIy,iE .the event that the user's don contemplates that multiple networks Jan be linked 
characteristics match the characteristics in the database, at and connected to the Internet 50 via a hub that 
the end of the course, the present invention generates the 25 cnablcs on ^ Detworks to talk to one another 
appropriate grade and provides a report of the appropriate aod to other computers elsewhere on the Internet 50. 
statistics to the educational insutuuon. «, f . 4 ,1 , J . 

The Internet 50 has proved to be a remarkable way for 

BRIEF DESCRIPTION OF THE DRAWINGS people to communicate and share information. However, in 

3Q its native form, the interface of the Internet 50 is so 

A better understanding of the present invention can be nonintuitive that only computer specialists could navigate 
obtained when the following detailed description of the the Internet 50. To overcome this problem, a World-Wide 
preferred embodiment is considered in conjunction with the Web (WWW) is distributed across thousands of host corn- 
following drawings, in which: puters attached into. the system's communications network. 

FIG. 1 is a block diagram illustration of a communication 35 ^ World-Wide Web is simply a series of communications 
architecture over the Internet for the present invention; of protocols representative of information in documents that 

FIG. 2 is a block diagram of a computer in accordance ™ u[d to other documents and stored on computers 

with the present invention; throughout the Internet. Users of the Internet 50 could access 

TTtr* !*• a . ^h. . . . documents or pages via a program called a browser. 

iJS't, * ' ^ m ** ^P* 6 '" ,0 Although early browsers were text-only, today's browsers 

based training process of the present invention; « offer ^doiitaed icons, pull-down menus, bit-map 

FIG. 3B is a continuation flow chart of FIG. 3A illustrat- graphics and colorful links to display hyper-text documents, 
ing the MindPnnt initialization and course restarting process The graphical Web browser thus supports an informauon 
in accordance with the present invention; revolution and a cultural phenomenon. Like other distrib- 

F1G. 3C is a continuing flow chart of FIGS. 3A and 3B 45 uted applications, the Web is based on the client/server 
illustrating events in taking the course on the computer in model, in which Web pages reside on host computers, such 
accordance with the present invention; as a database server 76, 80, or 84 that "serve up" pages when 

FIG. 4 is a flow chart illustrating in more detail the course a ,ocal computer such as the personal computer 100 requests 
work step of FIG. 3C; me m. 

FIG. 5 is a flowchart illustrating in more detail the verifier 50 In addition to the Internet 50, an Intranet 60 also exists, 
of FIG. 4; The Intranet 60 is one variation of the Internet 50 for large 

FIG. 6 is a flow chart ulustrating in more detail a monitor organizations such ^ corporations and universities, which 
reply step of FIG. 5; and offers ^P 0105 capability and e-mail that enables collabo- 

™^ _ . „ ' . ... . - ., . ration as well as communication among geographically 

m-!SL ."v T 8 m m ° re dCUl1 "* 55 dispersed divisions. The Intranet 60 is coLcted to the 

MindPnnt imUalization process. Imeraet ^ yia a mainframe 52 AdditionallVf a pIural ity of 

DETAILED DESCRIPTION OF THE workstations or terminals 62 and 65 are connected to the 

PREFERRED EMBODIMENT Intranet. I nus via the Intranet 60 and the mainframe 52, the 

workstations or terminals 62 and 65 can access the Internet 
Turning now to FIG. 1, the environment and the commu- 60 50- The availability of Internet 50 and Intranet 60 access 
nications network in which the present invention is practiced provides companies and large organizations the ability to 
is shown. In FIG. 1, an Internet 50 provides the communi- distribute information more efficiently by allowing different 
cation backbone for the present invention. The Internet 50 is information systems and databases to be interconnected, 
a network linking other networks. As a progeny of a U.S. In addition to the mainframe 52, a number of other 

Department of Defense project to link military and research 65 devices can be attached to the Internet 50. For instance, a 
computer systems in a fail-safe network to prevent a single large capacity disk array 54 may be linked to the Internet 50 
nuclear strike from disabling all military computer to store historical information in the database until response 
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to queries is directed at the database on the disk array 54. services data network (ISDN), and cable. The ISP 90 can 
Additionally, a supercomputer 56 may be attached to the communicate and interact with the personal computer 100 
Internet 50. The supercomputer 56 provides high speed using a plurality of protocols and/or languages, including 
hardware for compute intensive applications which may be Java and Visual Basic. Java is an object oriented program- 
accessed on an as-needed basis. 5 ming language develop by Sun Microsystems. Modeled 

Furthermore, although the mainframe 52, the disk array after C++, the Java language was designed to be small, 
54 and the mainframe 56 are connected to the Internet 50 via simple and portable across platforms and operating systems, 
high speed land lines such as 11 or T3 lines, other commu- both at the source and at the binary leveL Platform inde- 
ntation s media are available as well. For instance, a pendence is one of the most significant advantages that Java 
satellite dish 70 is connected to the Internet 50 to provide an 1Q has over other programming languages. At the source level, 
uplink via a satellite 72 to a remote microwave receiver 74 Java's primitive data types have consistent sizes across all 
on the downlink. The antenna station 74 in turn is connected development platforms. Java's foundation class libraries 
to a server 76 to provide a wireless link between the server make it easy to write code that can be moved from platform 
76 and the Internet 50. to platform without the need to rewrite it to work with a new 

Additionally, a plurality of ProEd servers 80 and 84 are platform. At the source level, Java's primitive data types 

also connected to the Internet 50. The ProEd server 84 is a have consistent sizes across all development platforms 

mirror server of the ProEd server 80. Both servers 80 and 84 Java's foundation class libraries make it easier to write code 

are preferably Windows NT™ based servers available from that can be moved from platform to platform without a need 

^^rv^^L Redmond, AoUdonally to customize the application to the platform. Via Java, the 

PtoEd servers*) and 84 operate under^ol^adc mode of ^ ^ mlelli t mechanism for lo ^ 

Windows NT™ to ensure re liability. The Wolfpack mode 20 _i . . . ■ . f . ™^ 

ties together servers 80 and 84 with f ailover capability and a °l Updatmg matenaJs to user of computer 100 

basic system monitoring software. Servers 80 and 84 contain Ilie P* 1 * 00 * 1 computer 100 is suitably equipped with a 

authentication codes to be accessed by the user computer as modem, a browser software, communications software, and 

well as student performance profile information and specific a software package from ProEducational International Inc. 

course-in-progress information. 25 °^ Cypress, Tex., as further illustrated in FIG. 2. 

Furthermore, a personal computer 100 is provided to Furthermore, the computer 100 accepts the course material 
allow the student to study and take examinations on-line. m tDe f orm °f one or more diskettes or CD-ROMs from the 
The personal computer 100 is connected to the Internet 50 user and performs the subsequent log-on process. Referring 
via an Internet Service Provider (ISP) 90. Typically, the ISP now to FIG. 2, a more detailed block diagram of the 
90 is connected to the Internet 50 via a Tl connection. 30 computer 100 of FIG. 1 is shown. The computer of system 
Furthermore, the ISP 90 has a rack of modems that accepts 1M is preferably capable of supporting multimedia data 
multiple incoming calls simultaneously. The connection streams. Multimedia refers to the integration of text, audio, 
from the personal computer 100 is complete when it reaches graphics, still image, and moving pictures into a single 
the host computer, which in this case is the database server computer-controlled product and includes the combination 
80 or 84. The host computer database server 80 or 84 runs 35 of computers, video or compact disc players, video 
a Web server and other TCP/IP software which reads monitors, optical scanners, audio cards, music synthesizers, 
requests sent from the client computer 100 and retrieves and ctc *» ^ integrated through software. These applications 
sends the client computer 100 the appropriate information typically require the portable computer to support a large 
stored on the host database server 80 or 84. These host capacity disk drive and a CD-ROM (Compact Disk Read- 
computers may have dedicated H or T3 links to the Internet 40 Only-Memory) player on-board. 

50 backbone, or may be connected to the backbone through Turning now to FIG. 2, a central processing unit (CPU) 

a network of hosts. Alternatively, the host computer 80 or 84 U0 provides processing power for the computer system 100. 

may be connected to the Internet 50 via a gateway. The The CPU 110 is preferably an Intel Pentium® processor, 

gateway or router passes data packets to the wired world and although a number of other microprocessors may be used, 

is the interface between the network and the host applica- 45 including a PowerPC microprocessor, an R4000 

tion. Conceptually, the gateway acts as an independent microprocessor, a Sparc microprocessor, or an Alpha 

network driver to insulate the application from the need to microprocessor, among others. The CPU 110 is connected to 

know which particular interface is to be utilized with a a read only memory (ROM) 112. The ROM 112 provides 

particular network. Additionally, the router or gateway boot codes such as a system BIOS software that boots up the 

opens up the "envelope" of each message, whether inbound 50 CPU 110 and executes a power up self test (POST) code on 

or outbound, and forwards it to the appropriate destination. the computer system 100. 

In this function, the gateway is concerned mainly with the In addition, the CPU 110 is connected to a random access 

message flow control. The main function of the gateway is memory (RAM) 114. The RAM 114 allows the CPU 110 to 

to transfer data from one data protocol to another, and to buffer instructions as well as data in its buffer while the 

control the length on which the data is communicated. This 55 computer 100 is in operation. The RAM 114 is preferably a 

includes control and management of the complete TCP/IP dynamic RAM array with 32 megabytes of memory. In 

protocol stack. Furthermore, additional gateways are pro- addition, the CPU 110 is also connected to a real time clock 

vided through a Serial Line Internet Protocol (SLIP) or a and timer 116. The real time clock and timer 116 stores the 

point-to-point protocol (PPP) sub-network layer interface. dates and time information for the CPU 110. Furthermore, 

SLIP is a simple packet formatting facility which allows IP 60 the real time clock and timer 116 has a lithium backup 

packets to be transferred from one device to another across battery to maintain the time information even when the 

a point-to-point link. SLIP operates by attaching delimiter computer system 100 is turned off. 

bytes to the beginning and end of the packet and escape The CPU 110 is also connected to a disk storage device 

bytes within the packet, to assure that the delimiter byte does 118. The disk storage device 118 stores executable codes as 

not occur within the packet. 65 we ll as data to be provided to the CPU 110. Additionally, the 

Further, the ISP 90 is linked to the personal computer 100 CPU 110 is connected to a CD-ROM drive. Typically, an 

via a wide area network, including analog lines, integrated IBM PC compatible computer controls the disk drive 118 
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and the CD-ROM player 119 via an Intelligent Drive Elec- to a keyboard controller 130 for providing input information 
tronics (IDE) interface. IDE drives were originally devel- to the CPU 110. Thus, the user can type instructions and 
oped to be software compatible with an ST-506 compatible commands into the keyboard 132 for subsequent execution 
disk drive controller such as the WD- 1003 manufactured by or analysis by the CPU 110. Additionally, one or more serial 
Western Digital Corporation. As the ST-506 standard sup- 5 input/output (I/O) ports 134 are provided in the computer 
ports two disk drives, the IDE interface also supports two system 100. Connected to the serial I/O ports 134 are a 
drives which are referred to as master/slave drives. As both plurality of peripherals, including a mouse 140 and a fac- 
drives are mapped to the same location, each drive must simile modem 136. The facsimile modem 136 in turn is 
monitor a set of interface registers known as a task file connected to a telephone unit 138 for connection to the 
register and respond only when that drive is selected by the 10 mtemct t*™** provider 90. Via the modem 136, the per- 
select drive bit (SDB) register 80041 com P uter 100 accesses the telecommunications con- 
In a standard IBM compatible personal computer, the T^t^T ^ /' ' ^^ii ^P?^'* 
Basic Input/Output System (BIOS) software supports a ^ ™* ^ ^T^ * 
primary IDE channel interface having a number of VO ports ^^f 0 * of "PP". opt*, or satellite links to a 

accessible via the task file interface: OxOlFOh (data porU6 « lon f^^ cam f f P«* of P reseo f- ™ e ^ * * e ° 

. „ v /wrt*ciu IUA1177L / , i i ? . . routed to the central office nearest the Internet service 

bits), 0x01Flb-0x01F7h (command and status port, 8-bit - ri „ ^ mr 1V 

access only), and 0x03F6h-0x03F7h (reset drive and alter- P 1 ™" w V r iu. *h 

nate status, 8-bit access only). Additionally, a second chan- * ^ mcx ^ m » ^ nX f ^r cruising the World-Wide 

nel with IDE ports located at 0x0170h-Ox01Fh and Web. Preferably the modem 136 is a 28.8 kilobits per 

0x0376b-0x0377h is supported by the standard BIOS. To 20 modem converts information from the computer 

individually select the register ports, each channel provides mto ^g*^ transmitted by ^ordinary phone lines or 

chip select signals CS1 to decode registers located at I/O pl "? ol dJ ele P^ne service (POTS). Alternatively, the 

addresses OxOlFXh and 0x017Xh of the task file register and modem , ^ I ^I^. COnneCt " service digital 

CS3 to further decode the data and control registering $ SDH > *™ to dat f, * s P eeds U P to 128 

at I/O addresses Ox03F6h-Ox03F7h and 0x0376h-0x0377h 25 kilobits per second. On receipt of a call, the ISP 90 processes 

of the task file register. In this manner, the standard BIOS me ™l ucsl > Pf 5 **^ connecuon to its leased line link to a 

supports two IDE channels with separate pairs of CS1 and computer such as the database server 80 or 84 on the Internet 

CS3 signals. 50 

Additionally, the CT^^ J^T^\^t E ^ 

120. The video camera 120 supports video conferencing 30 S™E?m i * P ! 1,1?^ 11 

between the students and the educator. Furthermore, the V ° A \ l ™ pnDter 144 ftkUonally to 

■ . _ i * A , fc . j ! capture and verify the voice characteristics of the test taker, 

video camera 120 can also capture a picture of the student . „. , a AA L . . , 4 . . , ,77 Tr,' 

, , . : . _ a microphone 14© is connected to a sound board 146 which 

as he or she takes the test for authentication purposes. The ^ WrtfllQ n„ t .J~ 7™V Jr" ^ 

. •« . n r I , eventually provides the results to the CPU 110 for lmme- 

video camera 120 essentially consists of a lens, a charge- A: . ' *\ . , , . - 1Q r „. 

i j j * j i . j. ... 35 diate processing or to a disk drive 118 for online comparison 

coupled-device (CCD) array, and an analog to digital con- ... .K fl , ^ e - „, . , j /^T 

« , r t_ / it- ™ ^ , . , with the file on the server 80 or 84. The sound board 146 also 

verter. The lens focuses photons onto the CCD array, which , - „ _ - ... . , 

i» v,. , . . . ™- 7 , drives a music quality speaker 150 to support the 

generates voltages proportional to the photons. The analog mii i,; m ^«, u™i 7, ■ ■ * \J- 

M ™fL,i u *u /yt\ • _* j * * multimedia-based training software. As multimedia pro- 
voltages generated by the CCD array is converted into a , . ....... 

a-~i* if . § t a* '4 i r grams use several medium, the multimedia educational 

digital form by the analog to digital converter for processing f, , e # . . , . . , r 

bvthe CPU 110 40 syslem of P resent invention integrates the hardware of 

y *. the computer system 100 of the present invention. For 

The CPU 110 is also connected to a video card 122. The example, the sound cut is used to play sound, the monitor 
video card 122 has a character generator and a video RAM 124 is used to display movies and the CD-ROM player 119 
built m. If a certain character is to be displayed in text mode, is used to play CD quality audio to enhance the learning 
the CPU 110 only needs to pass the number of the code of 4J experience of the student. In this manner, sounds, 
this character to the graphics control chip on the video card animations, and video clips are coordinated to make the 
122. The video RAM holds data or codes that determine the computer-aided training more friendly, usable and interest- 
character to be displayed on the screen. The job of the m g 

character generator is to convert this code into a correspond- Xurnin now to nGS 3A> 3B ^ x {b& K)cess ^ 

mg pattern of ^pixels so that the character can be displayed 5Q form training and test-taking of the 

onscreen by the graphics control chip. Alternatively, in the t inveotk)0 ^ shown 3^^,, In ^ t 

graphics mode, the video RAM is read directly and the ' mvcD{io n 9 the course material could be stored on a high 

character generator is not enabled. On the back of the video densi ^ fl dis ^ 0f prefcra51 a CD-ROM. Tne disk or 

card 122 is one or more jacks. Connectors for monochrome CD-ROM containing the course material may be encrypted 

andreo;green,blue(RGB)monitorscanbep 55 m whole 0 r in part. From step 200 of FIG. 3A, the routine 

jacte. The connectors, which are adapted to be plugged mto reads me maleriaI from ^ CD-ROM player 119 in 

the jacks of the video card m eventually are connected to step 202> 0nce ^ studcnl has loaded ^ CD-ROM in the 

the input of a monitor 124 to be displayed. CD-ROM player 119 in step 202, the software on the 

The present invention also supports a pen-based user CD-ROM loads a gateway or a supervisor program up in 

interface. A digitizer 126 is connected to the CPU 110. ^ step 204. The supervisor loaded in step 204 then takes over 

Additionally, a pen 128 is provided to allow the user to write control of the computer to ensure the integrity of the learning 

or sign his or her signature. The pen 128 and digitizer 126 and test-taking process. From step 204, the supervisor dials 

in combination support another mode of data entry. the Internet 50 via the Internet service provider 90. In step 

Furthermore, a signature verification routine can receive the 208, the supervisor attaches to one of the servers 80 or 84 

pen data entry to ensure that the student is the test taker. 65 over the Internet 50. Next, the student signs on in step 208. 

While the video monitor 124 receives the output signals From step 208, in the event that a successful attachment 

from the CPU 110 to the user, a keyboard 132 is connected is made to the servers 80 and 84 over the Internet 50, the 
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routine of FIG. 3A proceeds to step 212 where it checks to see if the student has completed his or ber session in step 

see that the student is an authorized student. Id the event that 252. If not, the student is allowed to continue studying in 

the student is authorized in step 212, the routine of FIG. 3A step 250. Alternatively, in the event that the student is done 

proceeds to step 220 via a connector A. with the session in step 252, the routine proceeds to step 254 

From step 210, in the event that the attachment failed, a * where it reconnects to the server 80 or 84 over the Internet 

failure count is incremented in step 214. Next, the routine of ^ 

FIG. 3A checks to see if the failure count is greater than 2 From stc P mc routine of FIG. 3C then synchronizes 

in step 216. If so, the routine exits in step 208 so as to require its files **** re P orts its to the database stored in the 

that the student actually signs on. From step 216, in the event s f rver f° or 84 From 256 » tbe routine checks to see if 

that the failure count is less than 3, the routine proceeds to 10 , ^ d * n * j^f? m P lclcd *** malerials »mpued on 

step 223 via a connector B. This process allows the student the CD-ROM 250. If so, the routine prepares the final report 

to work even though in certain periods access to tbe Internet *T sem ! 5 rcpo ? to accrcditin g institution in step 260. 

50 might not be avaflable. Similarly, in the event that the ^^^ly, in tbe event that the course has not been 

student is not authorized in step 212, such as when he or she eU * m or ™ event that the course was 

is not enrolled in the course, the routine of FIG. 3A exits via is rom P Ietwl final report was prepared and sent to tbe 

step 218. proper authorities in step 260, the routine proceeds to step 

rrt , ,„ . . . , WWk „ 262 where it detaches from the server 80 or 84 before it exits 

TUnung now to FIG 3B the cocUouaUon of step 200 of the tfainin m 264 

FIG.3A is continued. In FIG. 3B, from the connector A, the . „ , CT _ \ . , . 

routine proceeds to step 222 where it checks to see whether Referring »ow to FIG. 4,tb=pro^ss for completing the 

the student has registered. If not, the routine proceeds J 0 * V** CD-ROM'S * ™* 

from step 222 to step 224 where it performs the regLration. ^ Fron, , st ?! docamca } s ^ 

This process essentially involves asking the studemTLries ~ the screen 124 of the personal com- 

of personal questions that only trjtfudenl is expected to Pf f Furt f Knn0rc ' t °J nake . lhe ™«enal as 

know on the spot. Furthermore, during the registration "^resUng as video games, the training routine of the present 

process, the routine collects a plural^ of identifying * P^es multimedia mformaUon in the form of 

imprints captured electronically such as the keyboard typing ™ ^J^T* * ^ 

rate, the mouse typing rate and common errors generated ^J**" " , T ^ documen,s 

lUis information is subsequently used to initialize me Mind- T? ^ atma ° r re "Ung to the 

Print database in step 226. From step 226 the routine *?, f% ST*"?" ^ * ^ 

proceeds to step 230. 30 subject matter of the CD-ROM. Thus, in step 274, in tbe 

... .. , , ' „„ . . , , event that the student does not have any questions, tbe 

Alternatively, from step 222, in the event that tbe student routine ^ ly , ^ to ^ ^ to read 

has already been registered, the r™tu« proceeds to step 228 additional documents or watch animations or video clips on 

where it dqwnloads the MmdPnnt database to a RAM more advanced topics. 

memory region. Tbe storing of the MindPrint information in .-. i • .u ...... . . 

• • . , , . . . . . 35 Alternatively, in the event that the student has questions 

a random memory repon prevents possible knowledgeable fa 2?4 fa ^ me *\ 2?6 

programmers from retnevmg and defeating the secunty and and to fBSolve ^ fons ^ ^ ^ 

verification processes of the present invention. , tU K ■ , . " 4 . .. . . " UWCVCI > 

_ \__ . ^ o \ because the database on-line is rather limited and is not as 

From step 226 or step 228, the routine checks to see if the flexib i e ^ ^ educator, in tbe event that the questions 

server data has been synchronized with the local data in step ^ cannot be resolved on-line in step 278, a teleconference is 

230. If not, the routine proceeds to step 232 where it arranged between the educator and the student in step 280 

synchronizes the local data on the student or the course with Ncxt , fr^ ^ 280, in the event that the student wishes to 

the server data. In this manner, in the event that the course stop tbe current session, fa routirje exits in step 286. 

material pointers on the local computer differ from that of Alternatively, the routine loops back to allow the student 

the server or in the event that new course material needs to 45 additional time to review existing material or to move on to 

be downloaded to update the materials present on the more advanced materials. Thus, the computer-aided training 

CD-ROM, the local computer disk is updated. system of the presem mvcrjt ion allows the student to proceed 

In the event that the server data is synchronized with the at his or her own pace and remove the rigid structure that 

local data in step 230, or after the synchronization of step traditional education systems impose. 

232, the routine proceeds to step 234 where it sends course 50 i n parallel, while the student is reviewing his or her course 

starting point information to the local personal computer material on the CD-ROM, a verifier 284 runs silently in the 

background to check tbe identity of the student. The verifier 

Alternatively, in the event that the failure count is less 284 is illustrated in more detail in FIG. 5. Referring now to 

than 3 in step 216, the routine proceeds via connector B to FIG. 5, from step 284 the verifier of the present invention 

step 236 where it sets the starting point to the last known 55 monitors the student's reply via conventional data entry 

local pointer on the personal computer 100. Next, from step methods such as keyboard and mouse, as shown in more 

234 or step 236, the routine of FIG. 3B starts or restarts the detail in FIG. 6. From step 292, the present invention also 

course and positions the pointer to the last point of use in captures the student's signature in step 294 via the digitizer 

step 238. Next, the routine disconnects from the server 80 or 126, if one is available. Additionally, from step 294, the 

84 in step 240. In this manner, the student can operate the 60 routine proceeds to step 296 where it captures the student's 

computer without relying on speed or load problems on the voice using the microphone 148 and a soundboard 146 as 

Internet 50. appropriate. Additionally, in step 298 the routine captures 

Turning now to FIG. 3C, from connector C, the routine the student's picture via the video camera 120. This infor- 

proceeds to step 250 where the student uses tbe material mation is correlated with the information stored in the 

supplied on tbe CD-ROM in completing his or her course 65 MindPrint database for the respective student in step 300. 

work. The processes involved in step 250 are described in The identity analysis process can be performed using a 

more detail in FIG. 4. From step 250, the routine checks to number of methods. One method based on expert system 
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technology, called expert control or intelligent control, 316, the routine also monitors for data entry errors such as 
acquires the knowledge of an expert investigator who can misspellings in step 318. The data entry errors are compared 
estimate with great accuracy the identity of an individual with the normal patterns for data entry in step 320. Thus, in 
based on his or her peculiar patterns. Based on the knowl- combinations, steps 310 through 320 collect characteristics 
edge base of the expert system, the expert system software 5 unique to the user over a period of time and use this 
can adjust the identification control strategy after receiving information to check that the current user exhibits a similar 
inputs on changes in the data entry. pattern to that shown over a period of time. This information 
One drawback of the expert system is that, as the expert is eventually used to provide a passive check into the 
system depends heavily on a complete transfer of the human characteristics of the current user. In step 322, in the event 
expert's knowledge and experience into an electronic 10 that the characteristic matches, the routine of FTG. 6 simply 
database, it is difficult to produce an expert system capable exits in step 326. Alternatively, if the characteristics do not 
of handling the dynamics of a complex system. Recently, match, the routine indicates a mismatch and generates 
neural network based systems have been developed which appropriate warnings in step 324 before exiting in step 326. 
provide powerful self-learning and adaptation capabilities to In sum, the profiler of FIG. 6 runs silently in the back- 
cope with uncertainties and changes in the system environ- 15 ground unless cumulative discrepancies raise a question as 
ment. Modeled after biological neural networks, engineered to the identity of the person taking the computerized exami- 
neural networks process training data and formulate a matrix nation. In such event, the profiler randomly selects one or 
of coefficients representative of the firing thresholds of more questions from the list of questions previously pro- 
biological neural networks. The matrix of coefficients are pounded to the student at the initialization. For instance the 
derived by repetitively circulating data through the neural ^ profiler requests the student type in certain sequences such 
network in training sessions and adjusting the weights in the as his or her name, telephone number and other personal 
coefficient matrix until the outputs of the neural networks are information which is very familiar to the student and to 
witrun predetermined ranges of the expected outputs of the which a predictable keystroke pattern response can be 
training data. Thus, after training, a generic neural network expected. In the event that the answer is not what the profiler 
conforms to the particular task assigned to the neural net- M expects, the profiler either shuts down the computer-aided 
work. This property is common to a large class of flexible training program and/or informs appropriate authorities of 
functional form models known as non-parametric models, the potential question with respect to the student's account 
which includes neural networks, Fourier series, smoothing If the profiler does not object to the identity of the student 
splines, and kernel estimators. The neural network model is taking the computer-aided examination, the results of the 
suitable for modeling complex identification processes due ^ test are stored in a remote database server for eventual 
to its ability to approximate arbitrarily complex functions. uploading to the educational institution for appropriate issu- 
Further, the data derived neural network model can be ance of grades. In this manner, the present invention pro- 
developed without a detailed knowledge of the underlying vides an interesting and productive environment for the 
steps, in contrast with those in expert systems. Additionally, student to progress at his or her own pace. The invention also 
fuzzy-based comparators can be used in step 300 to identify 35 reduces the labor costs associated with the educational 
the individual. Fuzzy comparators essentially provide a process through its passive monitoring of the examination 
range of inputs where the mdividual'sdata entry can vary in process as well as active verification of the test-taker's 
pattern without affecting the identification of the individual. identity when necessary. 

From step 300 of FIG. 6, if the characteristics do not 1\irning now to FIG. 7, the initialization of the MindPrint 
match in step 302, the routine proceeds to step 304 where the 40 database is shown in more detail. In FIG. 7, from step 226 
student is probed with questions to identify his or her the routine generates a list of questions that are unique to the 
identity. Next, from step 304, the routine checks to see if the student. These questions include personal questions such as 
responses from the student match the previous answers in birth date, weight, parental history, and courses currently 
the initial session, as discussed in more detail in FIG. 7. taken. This information is stored into a database. 
From step 306, in the event that the answers do not match, 45 Additionally, while the student replies, the routine also 
the routine of FIG. 5 either shuts down the learning program initiates a characteristic capture mode in FIG. 7. Thus, from 
in step 308 and/or generates warnings to the accrediting step 226, the routine proceeds to step 340 where the key- 
institution in step 308. Thus, the routine can silently generate board actuations are monitored. Over a period of time, the 
a warning to the educational institution while allowing the normal pattern is established for the keyboard actuation in 
student to continue the session in the event that the verifier 50 step 342. Similarly, the mouse actuations are recorded in 
indicates a mismatch between the database characteristics step 344, and a normal pattern is established in step 346. In 
and the characteristics of the current user. From step 302 or addition, potential data entry errors that arc repetitive of a 
306, in the event that the answers match the responses particular individual, including the misspellings of a par- 
provided during the initial session, the routine does not ticular word, are monitored in step 348. In step 350 the 
generate any alarm and simply exits in step 309. 55 Dor mal pattern for data entry errors is established. In step 
Turning now to FIG. 6, the monitor reply step 292 is 352, all of these characteristic data are stored into the 
shown in more detail. In FIG. 6, from step 292, the routine MindPrint initialization database before the routine of FIG. 
monitors keyboard actuations in step 310. Next it compares 7 exits in step 354. 

the keyboard actuations with a normal pattern for keyboard Thus, the computer-aided educational system of the 
actuations in step 312. The normal patterns for keyboard 60 present invention ensures a controlled test-taking method- 
actuation is accumulated over time to accurately reflect the ology as well as a proper verification of the identity of the 
data entry characteristics of the student. Additionally, from student taking the examination. The verifier operates to 
step 312, the routine proceeds to step 314 where it monitors ensure that the student taking the examination is indeed the 
mouse actuation. person ^ he or shc claims to ^ The verifier 

Next, in step 316, the routine compares the user's current 65 deploys the profiler which, during the first session, pro- 
match mouse actuations with the normal pattern for mouse pounds a list of questions highly specific to the student such 
actuations, as developed over a period of time. From step only that student could be expected to answer those ques- 
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lions correctly in the future. Next, the profiler requests the 4. The apparatus of claim 1, wherein said habit capture 

student to type in certain sequences such as his or her name, system captures mouse click patterns, 

telephone number and other personal information which is 5. The apparatus of claim 1, wherein said habit capture 

very familiar to the student and to which a predictable system captures spelling patterns. 

keystroke _ pattern response can be expected These initial- 5 6 . The apparatus of claim 1, wherein said secure appli- 

izabon informattoo are captured and recorded on a database ^ ^^u Cational ap p hcatioiL W 

in a server on the Internet - ~. . . . . *T - . . . . , 

w-i • . ... 7. lne apparatus or claim 6, wherein said educational 

Furthermore, as the students interact with the computer ,«»i;„t;«« fi.^- ™ ™ . «k* T • , T 

t • • . - , . . ^ / application further comprises teaching materials and test 

training material of the present invention during each materials. 

session, his or her activities are recorded and analyzed ona „ o-n_ • _ r i * « ^ . 
stroke-by-stroke basis. For instance, the profiler of the 10 . $ J bC Waratus of claim 7, wherein a portion or the entire 
present invention monitors mouse movement and estab- teaming materials and test materials are encrypted, 
lishes a normal mouse movement and clicking pattern. ' apparatus of claun 6 ' wherein said user has a 
Additionally, the profiler of the present invention monitors st ? . m ldcntificatl0n issued by an institution, further corn- 
keyboard usage and forms a pattern indicative of the student pnang: 

taking the computer-aided training. Furthermore, the profiler 15 a grader coupled to said test materials, said grader pro- 
of the present invention also performs an error pattern pounding questions to said user, said grader further 
analysis consisting of consistent misspellings of particular assigning a grade to said user based on said user's 
words or consistent key stroke errors reflecting on the responses to said questions; and 
identity of the test-taker. a grade reporter coupled to said grader and said 
Although the present invention discloses the use of the 20 institution, said grade reporter providing said grade to 
video camera, the voice capture board, and the digitizer pad, ^d institution. 

the invention comtemplates that other identity input mecha- Tbe apparatus of claim 9, wherein said grade reporter 

nisms can be used as well, including retinal and fingerprint ^ ^upled t0 said verifier, said grade reporter notifying said 

scanners. Further, electronic identification cards such as an institution when said verifier asserts said error signal, 
encrypted card can be inserted as additional means of 25 11- A program storage device for verifying the identity of 

identity verification. Furthermore, although the Wolfpack a USCT wnile said user operates a secure application, said user 

failover mode has been identified as preferred, the present exhibiting one or more characteristics unique to said user, 

invention contemplates that other modes of fail-safe com- ^d u&tr exhibited characteristics captured using one or 
puting may be used in the servers. Thus, the foregoing x more ^P ui devices, said program storage device compris- 

disclosure and description of the invention are illustrative U1 S : 

and explanatory thereof, and various changes in the size, a habit capture system adapted to receive said user 

shape, materials, components, circuit elements, wiring con- exhibited characteristics, the characteristics including 

nections and contacts, as well as in the details of the one of response patterns to queries generated by the 

illustrated circuitry and construction and method of opera- 35 secure application, typing patterns, misspelling 

tion may be made without departing from the spirit of the patterns, and mouse click patterns; 

invention. a database coupled to said habit capture system, said 

What is claimed is: database adapted to store predetermined habits and 

1. An apparatus for verifying the identity of a user while personal characteristics upon initialization of said data- 
said user operates a secure application, said user exhibiting ^ base; 

one or more behavioral patterns unique to said user, said user a verifier code coupled to said database and said habit 

exhibited behavioral patterns captured using one or more capture code, said verifier code sampling the user's 

interface devices, said apparatus comprising: characteristics and comparing said characteristics to 

a habit capture system adapted to receive said user said database, said verifier code asserting an error 

exhibited behavioral patterns, including one of 45 signal when said user characteristics and said database 

response patterns to queries generated by the secure predetermined characteristics fails to match; and 

application, typing patterns, misspelling patterns, and a lock code coupled to said verifier code and to said 

mouse chek patterns; application, said lock code either generating a warning 

a database coupled to said habit capture system, said 0 r ejecting said user from said secure application when 

database adapted to store predetermined habits and 50 said verifier code asserts said error signal, 

personal characteristics upon initialization of said data- 12. The program storage device of claim 11, wherein said 

b* 56 ! habit capture code captures key stroke patterns, mouse click 

a verifier coupled to said database and said habit capture patterns, or spelling patterns, 

system, said verifier sampling the user's behavioral 13. The program storage device of claim U, wherein said 

patterns and comparing said behavioral patterns to said 55 secure application is an educational application, 

database, said verifier asserting an error signal when 14. The program storage device of claim 13, wherein said 

said user behavioral patterns and said database prede- educational application further comprises teaching materials 

termined habits and personal characteristics fail to and test materials. 

match; and 15. The program storage device of claim 14, wherein said 

a lock coupled to said verifier and to said application, said 60 teaching materials and test materials are encrypted. 

lock either generating a warning or ejecting said user 16. The program storage device of claim 14, wherein said 

from said secure application when said verifier asserts user has a student identification issued by an institution, 

said error signal. further comprising: 

2. The apparatus of claim 1, wherein said database is a grader code coupled to said test materials, said grader 
stored on a server located on an Internet. 65 code propounding questions to said user, said grader 

3. The apparatus of claim 1, wherein said habit capture code further assigning a grade to said user based on said 
system captures key stroke patterns. user's responses to said questions; and 
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a grade reporter code coupled to said grader and said 
institution, said grade reporter code providing said 
grade to said institution. 

17. The program storage device of claim 16, wherein said 
grade reporter code is coupled to said verifier code, said 
grade reporter code notifying said institution when said 
verifier code asserts said error signal. 

18. A method for verifying the identity of a user while said 
user operates a secure application, said user exhibiting one 
or more characteristics unique to said user, said user exhib- 
ited characteristics captured using one or more input 
devices, said method comprising the steps of: 

storing predetermined habits and personal characteristics 
into a database upon initialization; 

capturing the user's exhibited habits and characteristics, 
the habits and characteristics including one of response 
patterns to queries generated by the secure application, 
typing patterns, misspelling patterns, and mouse click 
patterns; 
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verifying the captured habits and characteristics against 
the predetermined habits and characteristics stored in 
the database; 

asserting an error signal when said user characteristics 
and said database predetermined characteristics fail to 
match; and 

generating a warning or locking the user from the appli- 
cation when the error signal is asserted. 

19. The method of claim 18, wherein said capturing step 
receives key stroke patterns, mouse click patterns, or spell- 
ing patterns. 

20. The method of claim 18, wherein said application is 
an educational application, further comprising the step of 
either generating a warning or locking said user out of said 
educational application when said error signal is asserted. 
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